﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;

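/// <summary>
/// Code-behind for the admin "new user" page: inserts a row into the
/// <c>users</c> table from the e-mail, password and admin checkbox on the form.
/// </summary>
public partial class Admin_Users_New : System.Web.UI.Page
{
    /// <summary>
    /// Runs on every request, including postbacks, and sends callers who are
    /// not administrators back to Default.aspx.
    /// </summary>
    /// <param name="sender">The page raising the event.</param>
    /// <param name="e">Unused event data.</param>
    protected void Page_Load(object sender, EventArgs e)
    {
      // Admin-only page: reject the request before any control event fires.
      RedirectIfNotAdmin();
    }

    /// <summary>
    /// Creates the user described by the form, then returns to the user list.
    /// Does nothing when the e-mail or the password field is empty.
    /// </summary>
    /// <param name="sender">The "create" button.</param>
    /// <param name="e">Unused event data.</param>
    protected void bnCreate_Click(object sender, EventArgs e)
    {
      // Re-check authorization on the write path itself. The single-argument
      // Response.Redirect in Page_Load normally ends the request, but the insert
      // below can create admin accounts and should not depend on that side effect.
      if (RedirectIfNotAdmin())
      {
        return;
      }

      if (txtEmail.Text.Length == 0 || txtPass.Text.Length == 0)
      {
        return;
      }

      using (SqlConnection conn = Conn.GetOpened())
      {
        // Values are bound as parameters, never concatenated into the SQL text.
        string sql = "insert into users (email,password,admin) values (@email,@password,@admin)";

        // SqlCommand is IDisposable; the original never disposed it.
        using (SqlCommand cmd = new SqlCommand(sql, conn))
        {
          cmd.Parameters.AddWithValue("@email", txtEmail.Text);
          // NOTE(review): Util.HashAndSalt is defined elsewhere - confirm it uses a
          // per-user salt and a slow password KDF (e.g. PBKDF2), not a single fast hash.
          cmd.Parameters.AddWithValue("@password", Util.HashAndSalt(txtPass.Text));
          cmd.Parameters.AddWithValue("@admin", chkAdmin.Checked);
          cmd.ExecuteNonQuery();
        }
      }

      // NOTE(review): nothing here checks for an existing row with the same e-mail;
      // presumably the table enforces uniqueness - verify against the schema.
      Response.Redirect("Admin-Users.aspx");
    }

    /// <summary>
    /// Redirects to Default.aspx when the current user is not an administrator.
    /// </summary>
    /// <returns><c>true</c> when a redirect was issued; otherwise <c>false</c>.</returns>
    private bool RedirectIfNotAdmin()
    {
      if (Conn.IsAdminUser())
      {
        return false;
      }

      Response.Redirect("Default.aspx");
      return true;
    }
}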
